|
The OSI model breaks networking steps down into a series of six layers. |
False |
|
Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive. |
True |
|
All modern operating systems include a hardware firewall, usually called a host-based firewall |
False |
|
Workgroup switches must work faster than core switches. |
False |
|
An intranet is a separate open network that anyone can access without prior authorization. |
False |
|
NAT is not a specific device, technology, or protocol. It is a technique for substituting IP addresses. |
True |
|
A security advantage of VLANs is that they can be used to prevent direct communication between servers. |
True |
|
An agent may be a permanent NAC agent and reside on end devices until uninstalled, but it cannot be a dissolvable NAC agent |
False |
|
One use of data loss prevention (DLP) is blocking the copying of files to a USB flash drive. |
True |
|
Anomaly monitoring is designed for detecting statistical anomalies |
True |
|
An early networking device that functioned at layer 1 of the OSI model and added devices to a single segment is known as which of the following choices? |
D. Hub |
|
What data unit is associated with the Open Systems Interconnection layer four? |
A. Segment |
|
What data unit is associated with the Open Systems Interconnection layer two? |
C. Frame |
|
What kind of networking device forwards packets across different computer networks by reading destination addresses? |
B. Router |
|
An administrator has two servers that host the same web content, but only one server is utilized at a given time. What can be configured that can help to evenly distribute work across the network, and make use of both servers in a manner that is transparent to the end users? |
B. Load Balancing |
|
A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology below? |
C. Stateful Packet filtering |
|
What is the name of a computer or application program that intercepts user requests from the internal secure network and then processes that request on behalf of the user? |
A. Forward Proxy server |
|
Which of the following is a server that routes incoming requests coming from an external network to the correct internal server? |
D. reverse proxy |
|
What technology enables authorized users to use an unsecured public network, such as the Internet as if it were a secure private network? |
B. VPN |
|
Select the technology that can be used to examine content through application-level filtering. |
C. Web security gateway |
|
What type of monitoring compares network traffic, activities, transactions, or behavior against a database of known attack patterns? |
D. Signature-based |
|
What is the name of an instruction that interrupts a program being executed and requests a service from the operating system? |
A. System call |
|
When a private network uses a single public IP address, and each outgoing TCP packet uses a different port to allow for proper translation, what networking technology is in use? |
A. PAT |
|
Which network address below is not a private IP address network? |
B. 172.63.255.0 |
|
A web server must be accessible to untrusted outside users. What can be done to isolate this host and any additional hosts with similar requirements from more secured hosts on a network? |
C. Create a DMZ, add necessary hosts. |
|
What vendor neutral protocol implements support for VLAN tagging? |
C. 802.1Q |
|
The management in your corporate office needs to group users on the network together logically even though they are attached to separate network switches. How can this be done? |
D. Create a VLAN and add the users’ computers / ports to the correct VLAN |
|
What technology will examine the current state of a network device before allowing it can to connect to the network and force any device that does not meet a specified set of criteria to connect only to a quarantine network? |
A. Network access control |
|
What type of dedicated cryptographic processor that provides protection for cryptographic keys? |
D. Hardware security module |
|
Which of the following is a software-based application that runs on a local host computer that can detect an attack as it occurs? |
B. host-based intrusion detection system |
|
When VPN network traffic is routing only some traffic over the secure VPN while other traffic directly accesses the Internet, what technology is being used? |
B. Split tunneling |
|
What dedicated hardware device aggregates hundreds or thousands of VPN connections? |
D. VPN concentrator |
|
What specific type of hardware card inserts into a web server that contains one or more co-processors to handle SSL/TLS processing? |
A. SSL/TLS accelerator |
|
What type of network is a private network that belongs to an organization that can only be accessed by approved internal users? |
B. Intranet |
|
What type of network is a private network that can also be accessed by authorized external customers, vendors, and partners? |
A. Extranet |
|
If a network is completely isolated by an air gap from all other outside networks it is using what type of configuration? |
physical network segregation |
|
What term is used to describe the software agents that are used by NAC and installed on devices to gather information? |
C. Host agent health checks |
|
What type of network access control uses Active Directory to scan a device to verify that it is in compliance? |
A. agentless NAC |
|
Which of the following is defined as a security analysis of the transaction within its approved context? |
B. Content inspection |
|
Which of the following is a system of security tools that are used to recognize and identify data that is critical to the organization and ensure that it is protected? |
D. data loss prevention |
Share This
Flashcard
